Oval Definition:
oval:org.opensuse.security:def:202328154
Revision Date
:
2023-04-22
Version
:
1
Title
:
CVE-2023-28154
Description
:
Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
Mitre CVE-2023-28154
SUSE CVE-2023-28154
Platform(s)
:
SUSE Linux Enterprise Micro 5.4
Product(s)
:
Definition Synopsis
SUSE Linux Enterprise Micro 5.4 is installed
AND
Package Information
cockpit is not affected
OR
cockpit-bridge is not affected
OR
cockpit-networkmanager is not affected
OR
cockpit-selinux is not affected
OR
cockpit-storaged is not affected
OR
cockpit-system is not affected
OR
cockpit-ws is not affected
OR
cockpit-machines is not affected
OR
cockpit-podman is not affected
OR
cockpit-tukit is not affected
BACK